Helping Students Build More Secure Software

Coverity, a source-code analysis firm, is partnering with top computer science programs to help students build better software.

In an effort to help educate the next generation of software engineers, Coverity, a San Francisco-based software engineering company, announced Sept. 18 its university outreach program, already in partnership Carnegie Mellon, Purdue and Stanford University.
Coveritys bug-finding technology, Prevent, was developed in the labs of Stanford University. Its source-code analysis system detects defects in open-source projects such as Linux and FreeBSD. This technology is hoped to help professors and students in computer science programs analyze code during the development process, as well as pinpoint potential defects and security vulnerabilities.

"I absolutely wish I had this program available when I was in school. We had to do so much manually," Ben Chelf, chief technology officer of Coverity, told eWEEK.
Chelf hopes to deal with the urgent problems caused by a lack of quality in software, citing factors such as increases in software project size and complexity, lack of security training from engineers, and shorter development timetables as reasons for an increase in the number of security vulnerabilities and software defects in the last few years.
Under Coveritys new agreement with CMU, Purdue and Stanford, enrolled computer science students will be able to use Prevent for educational research and instruction, while they provide feedback on the technology.

"Whats nice about the technology is that its like a helper right next to you giving you not just stylistic but real corrections that will help make your program work. Its like a TA looking over your shoulder," said Chelf.
Check out eWEEK.coms for the latest open-source news, reviews and analysis.